summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorArun Persaud <arun@nubati.net>2016-04-10 11:42:28 -0700
committerArun Persaud <arun@nubati.net>2016-04-10 11:42:28 -0700
commitfca4b445ba9fd3ca6abdd7c08a59e25b817c537b (patch)
treeeb478659b6c6da709be1940a950834970e22b940 /include
parentecabf718a77ca979d16ef9d55f8db962fd3e814b (diff)
downloade-DoKo-fca4b445ba9fd3ca6abdd7c08a59e25b817c537b.tar.gz
e-DoKo-fca4b445ba9fd3ca6abdd7c08a59e25b817c537b.tar.bz2
e-DoKo-fca4b445ba9fd3ca6abdd7c08a59e25b817c537b.zip
BUGFIX: fix password for password recovery (was not random enough)
The password was just a constant string, the email, and the current time. Therefore, someone could just request a new password and even without getting the email, just try out different time stamps around the time the person requested the email and recover the temporary password. Added a random string to generate the password, which should fix this.
Diffstat (limited to 'include')
-rw-r--r--include/user.php3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/user.php b/include/user.php
index 19b9544..f58293e 100644
--- a/include/user.php
+++ b/include/user.php
@@ -67,7 +67,8 @@ if(myisset('forgot'))
/* create temporary password, use the fist 8 letters of a md5 hash */
$TIME = (string) time(); /* to avoid collisions */
- $hash = md5('Anewpassword'.$email.$TIME);
+ $rndstring = sha1(rand()); /* add some randomness */
+ $hash = md5('Anewpassword'.$email.$TIME.$rndstring);
$newpw = substr($hash,1,8);
$message = sprintf( _("Someone (hopefully you) requested a new password.\n".